Centrify CEO Tom Kemp in a sponsored piece on VentureBeat gives his take on current trends in the Identity and Access Management market place, and he is upbeat on the future of cloud IAM solutions and the effect they will have on the industry (which makes sense, given his company offers just such a cloud-based approach). He notices two big trends. First, the cloud and mobility in general are greatly disrupting the IAM industry, and second, the cloud allows formerly incompatible security approaches Identity Management to coexist easily and cheaply.
First, Kemp says that as a result of BYOD, BYOA (Bring Your Own Application), SaaS and IaaS, IT departments no longer own the user end point or even the back-end resources. This has created a troubling environment for traditional security providers, as the needs for identity and access management increase rapidly while the capability of traditional solutions to provide enterprise security solutions declines:
Traditional IT security products such as anti-virus and firewalls are not really relevant in a world in which users are no longer inside the firewall and are now using their iPads at Starbucks to access Salesforce, Concur, Google Apps, etc.
Cloud-based providers have an edge in this new world, as cloud platforms offer a “more nimble” IAM solution that is better equipped to handle other cloud platforms combined with the mobility revolution. Cloud IAM has already disrupted the industry, according to Kemp, if you look at revenue shares of the global IAM solutions provider market:
Gartner noted that the rapid growth of mobile and cloud-based security is propelling the cloud-based identity market (aka IDaaS market) to more than $1 billion by 2017.So if you take the $1.2 billion of the IDaaS market and divide it into the $6.9 billion of the overall IAM market, that means about 20 percent of the market will be cloud-based. That’s disruption happening.
Second, Kemp reminds us that it’s important to remember that the IAM industry has historically not consisted of companies offering variations of the same type of platform, but rather highly differentiated solutions existing in completely separate sub-categories. IDC noted six of those sub-categories:
- Web/Federated SSO
- “Advanced Authentication,” an example of which is Public Key Identification (PKI) according to IDC
- User Provisioning
- Enterprise (Host) SSO
- Legacy Authorization
- Personal Portable Security Devices (i.e. the traditional token market)
The different technologies involved and the different types and needs of buyers from one sub-category to another make it difficult for traditional IAM solutions providers to even offer solutions in all categories at once, let alone effectively compete or establish dominance. Neither have IAM solutions integrators proven successful at effectively weaving these separate components together into a single suite that they could resell. This state of affairs is illustrated by the fractured market share of the major industry players: “no one vendor today has more than 15 percent market share,” and there are many, many small players.
Cloud is changing this state of affairs, however:
Because cloud-based architectures make it easier to add functionality via agile development, what we are now finding is that cloud-based vendors can more easily offer multiple features from the multiple segments of identity in a single solution. So what were multiple “swim lanes” before in the identity market are now being collapsed into a single integrated solution.
Nevertheless, by Kemp’s own admission, Centrify’s IAM solution can only offer 4 out of the 6 IDC categories in a single, affordably priced suite, demonstrating the continued difficulty of unifying the the sub-categories. That’s still better than 6 separate, exorbitantly priced suites for each sub-category that traditional IAM solutions providers offer, Kemp fires back. Time will tell if the market agrees with Kemp’s views.
For Tom Kemp’s piece at VentureBeat, click here.
- Yahoo Goes Passwordless to Access Account Services - April 6, 2015
- The Identity of Things Could Streamline Government Services - March 30, 2015
- The Third-Party Threat: Are You Safe? - March 18, 2015